Author Topic: Cisco Patches Up Zero-Day Used by CIA to Exploit Hundreds of Switches  (Read 30 times)

0 Members and 1 Guest are viewing this topic.

Offline Gilbert

  • Updates Moderator
  • *
  • Posts: 31721
Cisco Patches Up Zero-Day Used by CIA to Exploit Hundreds of Switches
« Reply #1 on: May 10, 2017, 12:25:25 AM »
Cisco Patches Up Zero-Day Used by CIA to Exploit Hundreds of Switches
9 May 2017, 11:19 pm

Cisco has finally worked out how to kill that critical flaw that the FBI was using to exploit its switches. The company had previously announced that a patch was coming, and now it looks like it finally delivered on that promise. 

A few weeks ago it was reported that the CIA was using a zero-day exploit which allowed attackers to issue commands that remotely executed malicious code. This issue affected 318 models of Cisco switches. 

The revelation was made by Wikileaks in its Vault 7 leak series where CIA documents regarding its hacking techniques and tools are detailed. 

The bug the CIA was exploiting resides in the Cisco Cluster Management Protocol, which uses the telnet protocol to deliver signals and commands on internal networks. The whole problem stems from the failure to restrict the telnet options to local communications and the incorrect p... (read more)

Source: Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks